Today’s Cybersecurity Threats and Trends - 09/25/2024

From AI-crafted malware to fuel system fiascos...


Before we dive in, I would like to thank all of you for supporting us with your subscription! My goal is to bring both actionable insights and information regarding cybersecurity threats to non-tech and technical professionals alike. If this sounds like something that would help someone you know, please share the newsletter!


1. Critical Flaws Found in Fuel Systems

Primary Threat: Critical vulnerabilities have been discovered in Automated Tank Gauging (ATG) systems, which are used in fuel storage facilities across industries. Attackers can remotely manipulate tank readings, leading to potential environmental damage, economic loss, or even physical harm. Bitsight's research reveals that thousands of vulnerable ATG systems are accessible online, raising alarm for sectors like military bases, hospitals, and gas stations.

  • MITRE Tactics: Impact, Manipulation

  • Risk: Critical – Widespread exploitation could result in significant environmental and operational consequences.

2. Bypass Blunder Now Exploited

Primary Threat: CISA has added the Ivanti Virtual Traffic Manager (VTM) authentication bypass vulnerability (CVE-2024-7593) to its Known Exploited Vulnerabilities Catalog. This vulnerability (previously covered here) allows attackers to bypass access controls and has now been actively exploited in the wild.

  • MITRE Tactics: Privilege Escalation, Initial Access

  • Risk: High – The flaw is actively being exploited, requiring immediate patching.

Did you know…?

AI-written malware is one of the fastest-growing trends in cyberattacks. By using artificial intelligence, hackers can now craft polymorphic malware that constantly changes its code, making it harder for traditional security systems to detect. This new breed of malware, like the kind discussed in today’s HP Wolf Security report, adapts in real time to defenses, meaning that what worked yesterday to block malware might not work today!

3. Artificial Assault: AI-Written Malware

Primary Threat: A new wave of cyberattacks is leveraging AI-written malware to evade traditional detection methods. HP Wolf Security reveals how attackers are using AI-generated code to adapt malware for targeted attacks, making the creation and deployment of malware far more accessible to would-be threat actors.

  • MITRE Tactics: Execution, Defense Evasion

  • Risk: High – AI-written malware presents new challenges to detection tools, complicating mitigation efforts.

4. MoneyGram Grapples with Service Shutdown

Primary Threat: MoneyGram confirmed that a cyberattack was responsible for a prolonged outage affecting its services for multiple days. The company issued an official statement on X, stating that they are investigating the issue and working to restore normal operations.

  • MITRE Tactics: Impact, Denial of Service

  • Risk: High – The outage caused widespread disruption, affecting millions of global users.

5. Customized Attacks on Transportation Cause Trouble

Primary Threat: Cybercriminals are targeting transportation companies with customized social engineering attacks. Proofpoint identified the use of compromised accounts to manipulate victims into revealing sensitive data, disrupting critical logistics operations.

  • MITRE Tactics: Social Engineering, Credential Access

  • Risk: Medium – The focus on critical logistics operations increases the potential for significant disruptions.

IN SUMMARY:

Today’s cybersecurity news underscores the growing sophistication of attacks.

From AI-generated malware to vulnerabilities in critical infrastructure systems like ATG and Ivanti’s VTM, these threats demand immediate attention.

Financial institutions like MoneyGram are also facing cyberattacks, while transportation companies battle advanced social engineering schemes.

The importance of staying vigilant and applying patches promptly cannot be overstated.

Because in the end, it’s better to be paranoid than to be pwnd!

J.W.
